The "Synchronize Torq Case Tags to Microsoft Sentinel Incidents" workflow template is designed to enhance case management by ensuring seamless synchronization between Torq case tags and Microsoft Sentinel incidents. When a tag on a Torq case is updated, this workflow automatically updates the associated incident in Microsoft Sentinel with corresponding labels, ensuring accurate and up-to-date incident information. This integration streamlines communication and improves the efficiency of incident tracking and response.

Use Cases

Case Management

Workflow Breakdown

Workflow triggers when a new tag is added or updated.
Fetch Sentinel Incident ID from Case Custom Fields.
Creates a new session on Microsoft Sentinel and updates an incident with the new tags.

Vendors

Utils, Torq Cases, Microsoft Sentinel

Tips

Original Community Post: https://community.torq.io/case-management-getting-started-7m5qtn0s/post/case-mirroring-with-microsoft-sentinel-cWKc7JL4AX9yg46

Synchronize Torq Case Severity to Microsoft Sentinel Incidents - Workflow Template

Synchronize Torq Case Assignee to Microsoft Sentinel Incidents - Workflow Template

Synchronize Torq Case Attachment to ServiceNow - Workflow Template

Synchronize Torq Case State Change to Microsoft Sentinel Incident - Workflow Template

Synchronize Torq Case Comment to Microsoft Sentinel Incidents - Workflow Template

Synchronize Torq Case Tags to Microsoft Sentinel Incidents - Workflow Template

Use Cases

Workflow Breakdown

Vendors

Tips